diff options
author | Rafal Szczesniak <mimir@samba.org> | 2003-03-14 17:05:13 +0000 |
---|---|---|
committer | Rafal Szczesniak <mimir@samba.org> | 2003-03-14 17:05:13 +0000 |
commit | 33c8a6779d490bd1aa722231a59a3b68343dbc17 (patch) | |
tree | 0a67efdb849d5aa5f6dec44c182e993c18d1be35 | |
parent | e37372f4d6e10204adf272f978524751420e890f (diff) | |
download | samba-33c8a6779d490bd1aa722231a59a3b68343dbc17.tar.gz samba-33c8a6779d490bd1aa722231a59a3b68343dbc17.tar.bz2 samba-33c8a6779d490bd1aa722231a59a3b68343dbc17.zip |
/tmp/newfun.msg
(This used to be commit 3f4cb7b2c4d9b54b41bcc184ccfd00032e2b021b)
-rw-r--r-- | source3/Makefile.in | 4 | ||||
-rw-r--r-- | source3/libsmb/trusts_util.c (renamed from source3/libsmb/trust_passwd.c) | 64 |
2 files changed, 63 insertions, 5 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in index 78cd5746a7..e42dd1f395 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -214,8 +214,8 @@ LIBMSRPC_OBJ = rpc_client/cli_lsarpc.o rpc_client/cli_samr.o \ rpc_client/cli_reg.o rpc_client/cli_pipe.o \ rpc_client/cli_spoolss.o rpc_client/cli_spoolss_notify.o \ rpc_client/cli_ds.o libsmb/namequery_dc.o - -LIBMSRPC_SERVER_OBJ = libsmb/trust_passwd.o + +LIBMSRPC_SERVER_OBJ = libsmb/trusts_util.o REGOBJS_OBJ = registry/reg_objects.o REGISTRY_OBJ = registry/reg_frontend.o registry/reg_cachehook.o registry/reg_printing.o \ diff --git a/source3/libsmb/trust_passwd.c b/source3/libsmb/trusts_util.c index cf9fd58b13..055851f6b7 100644 --- a/source3/libsmb/trust_passwd.c +++ b/source3/libsmb/trusts_util.c @@ -1,7 +1,8 @@ /* * Unix SMB/CIFS implementation. - * Routines to change trust account passwords. - * Copyright (C) Andrew Bartlett 2001. + * Routines to operate on various trust relationships + * Copyright (C) Andrew Bartlett 2001 + * Copyright (C) Rafal Szczesniak 2003 * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -113,4 +114,61 @@ NTSTATUS trust_pw_find_change_and_store_it(struct cli_state *cli, TALLOC_CTX *me return trust_pw_change_and_store_it(cli, mem_ctx, old_trust_passwd_hash); -} +} + + +/** + * Verify whether or not given domain is trusted. + * + * @param domain_name name of the domain to be verified + * @return true if domain is one of the trusted once or + * false if otherwise + **/ + +BOOL is_trusted_domain(const char* dom_name) +{ + int enum_ctx = 0; + const int trustdom_size = 10; + int num_domains, i; + TRUSTDOM **domains; + NTSTATUS result; + fstring trustdom_name; + DOM_SID trustdom_sid; + TALLOC_CTX *mem_ctx; + + /* + * Query the secrets db as an ultimate source of information + * about trusted domain names. This is PDC or BDC case. + */ + mem_ctx = talloc_init("is_trusted_domain"); + + do { + result = secrets_get_trusted_domains(mem_ctx, &enum_ctx, trustdom_size, + &num_domains, &domains); + /* compare each returned entry against incoming connection's domain */ + for (i = 0; i < num_domains; i++) { + pull_ucs2_fstring(trustdom_name, domains[i]->name); + if (strequal(trustdom_name, dom_name)) { + talloc_destroy(mem_ctx); + return True; + } + } + } while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)); + + /* + * Query the trustdom_cache updated periodically. The only + * way for domain member server. + */ + if (trustdom_cache_enable() && + trustdom_cache_fetch(dom_name, &trustdom_sid)) { + trustdom_cache_shutdown(); + return True; + } + + /* + * if nothing's been found, then give up here, although + * the last resort might be to query the PDC. + */ + return False; +} + |